Outgoing DNS queries are when a system attempts to look up DNS entries for domain name.

For example if I type www.redhat.com in my browser, it creates an ‘outgoing’ query — we are sending an outgoing request to find out what the DNS entries are for www.redhat.com.

As mentioned there is a ‘flow’ to this as to how to gets processed through several components.

The typical outgoing flow starts like so:

command/application sends query for www.redhat.com -> glibc -> nsswitch

glibc has two main functions — the older legacy gethostbyname() and/or the more modern getaddrinfo() to translate the hostname or fully qualified domain name (FQDN) to an IPv4/IPv6 address.

When it does this, the first step it takes is to pass the request to The Name Service Switch (nsswitch). The Name Service Switch (NSS) configuration file, /etc/nsswitch.conf, is used to configure the sources from which to obtain name-service information and in what order.

It’s important to note that DNS specific tools such as ‘nslookup’ and ‘dig’ do -NOT- go through glibc, and therefore do not go through nsswitch. They use /etc/resolv.conf directly (more on that later).